配置 gitlab https 访问

文章目录

    • 1. 备份
    • 2. 生成SSL证书
    • 3. 配置文件
    • 4. 重启
    • 5. 访问

1. 备份

docker exec  -ti gitlab-ce  gitlab-rake gitlab:backup:create

2. 生成SSL证书

yum install openssl openssl-devel -y
mkdir /data/gitlab/config/ssl ; cd /data/gitlab/config/ssl

### 生成证书
openssl req -new -newkey rsa:2048 -sha256 -nodes -out gitlab.demo.com.csr -keyout gitlab.demo.com.key -subj "/C=CN/ST=Shanghai/L=Shanghai/O=demo Inc./OU=Web Security/CN=gitlab.demo.com"

openssl x509 -req -days 365 -in gitlab.demo.com.csr -signkey gitlab.demo.com.key -out gitlab.demo.com.crt

3. 配置文件

$ vim /opt/gitlab/config/gitlab.rb
### 添加如下内容 ###
external_url 'https://gitlab.demo.com'
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.demo.com.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.demo.com.key"

nginx['proxy_set_headers'] = {
  "X-Forwarded-Proto" => "https",
  "X-Forwarded-Ssl" => "on"
}

4. 重启

$ docker exec  -ti gitlab-ce gitlab-ctl reconfigure
....
$ docker exec  -ti gitlab-ce gitlab-ctl restart    
ok: run: alertmanager: (pid 628202) 0s
ok: run: gitaly: (pid 628211) 0s
ok: run: gitlab-exporter: (pid 628229) 1s
ok: run: gitlab-kas: (pid 628249) 0s
ok: run: gitlab-workhorse: (pid 628259) 0s
ok: run: logrotate: (pid 628271) 1s
ok: run: nginx: (pid 628277) 0s
ok: run: postgres-exporter: (pid 628285) 1s
ok: run: postgresql: (pid 628295) 0s
ok: run: prometheus: (pid 628304) 0s
ok: run: puma: (pid 628320) 0s
ok: run: redis: (pid 628325) 0s
ok: run: redis-exporter: (pid 628333) 1s
ok: run: registry: (pid 628340) 0s
ok: run: sidekiq: (pid 628355) 0s
ok: run: sshd: (pid 628361) 0s

5. 访问

配置域名解析:
windows: C:\Windows\System32\drivers\etc\hosts

192.168.1.10 gitlab.demo.com

访问:https://gitlab.demo.com

你可能感兴趣的:(git,gitlab,https,网络协议)